- The FCC is revoking cybersecurity regulations for telecoms companies
- These protections were introduced after network intrusion by Chinese threat actor Salt Typhoon
- The Trump administration is removing regulations across the industry
The Republican-led Federal Communications Commission (FCC) has voted to remove measures implemented in the wake of the Salt Typhoon attack.
The mandated protections required Telecom firms to adopt basic security controls and network protections - and encouraged collaboration between the large network providers in order to protect consumers and national security.
The Salt Typhoone attacks saw threat actors lurking inside US telecom networks for upwards of a year - exfiltrating data in one of the largest cyber espionage campaigns recorded.
'Neither lawful nor effective'
The FCC voted to revoke the ruling, claiming it was ‘ineffective because it neither responded to the nature of the relevant cybersecurity threats nor was it consistent with the agile and collaborative approach to cybersecurity that has proven successful,’ the Commission documents note.
FCC members argud telecom firms are voluntarily bolstering their cybersecurity and hardening their networks against intrusions, so the regulations are an onerous legal burden for companies that are already doing the work.
Secretary Marlene Dortch said the protection ruling, “applies the same inflexible, across-the-board cybersecurity requirements to all telecommunications carriers without regard to their risk, size, or organizational posture.”
“This vague and amorphous standard risks imposing costly new burdens on many providers that are either not relevant to the potential threats they face, or which are redundant because those providers may already employ sufficient cybersecurity practices to reasonably reduce the risk of successful exploits by the most sophisticated threat actors,” she wrote.
The move follows a predictable pattern in a Trump administration which has repeatedly illustrated its de-prioritization of online protection, having already decimated public cybersecurity services through layoffs and re-assignments within CISA.
The administration has also demonstrated its aims in deregulation, especially within the technology industry - even going so far as to overrule state laws to dismantle existing protections for consumers of AI in order to give AI companies more freedoms.
Via The Record
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.